We should opt into data tracking, not out of it, says DuckDuckGo CEO Gabe Weinberg (Vox)
On the latest Recode Decode with Kara Swisher, Weinberg explains why it’s time for Congress to step in and make "do not track" the norm.

This is a long, thorough, and very in-depth interview with Gabe Weinberg, covering several inter-linked topics. First is privacy, which is DuckDuckGo’s raison d’être. Near the end of this topic, there’s some talk about why some people don’t care about the privacy impact of the data collection underpinnings of the mainstream web.

One of the things a lot of people do bring up with me still, though, is, “Well, I don’t really care. I don’t have much to hide. It doesn’t matter.” I get that all the time. Like, who cares if they know if I went to Best Buy and bought a, whatever I bought. Talk to why that might be not the best way to think about it.

There’s two answers to that. One is philosophical, in that privacy is a fundamental human right, and so you don’t need to care or hide anything to exercise your rights. You wouldn’t say that for speech. Just because you have nothing to say doesn’t mean you should never have free speech. That’s kind of on the philosophical side.

On the harm side, there are some that people don’t realize. A lot of people really don’t like the creepy ads following them around. Some people seem to be fine with that. At a deeper level, there’s this thing called the filter bubble, which is that recommendation algorithms, and in particular, search results, are tailored to you, and that means that you’re not seeing what everyone else is seeing, and that actually distorts the democracy. That’s a real harm to individual people and society.

I don’t think I’ve seen the “I’ve got nothing to hide” vs right to privacy argument reframed against a “nothing to say” vs right to free speech argument. I’ve not though about it enough yet to get a feel for if it holds up under scrutiny, but at first blush it seems good.

The next topic covered after privacy is the “filter bubble” and how the idea of it has gone mainstream in the last few years:

I’ll give you an example. We’ve been talking about the filter bubble for years. In 2012, we ran a study on Google that we think influenced the 2012 election, that’s how long ago it was, but nobody … we had to speak for 10 minutes to explain what the filter bubble was back then. But after 2016, in the last two years, now we can talk about the filter bubble, just name it and people know what it is, generally. How many people know what the filter bubble is, I’m just curious?

Explain the filter bubble.

Well, it’s the idea — first of all, that percentage is very high, so I like that — but it’s the idea that for search in particular, as an example, when you search, you expect to get the results right? If you searched for gun control or abortion, you expect, we search at the same time right here, you would expect to get the same thing. But that’s actually not what we found when we did a study on Google.

Yes, there could be different search results.

Yeah, and people don’t realize that. So in addition, we found that it varies a lot by location, and so if you take that to the extreme, let’s say that voting districts are getting different results for candidates or issues, it can skew the polarization of that district very easily over time. Because people who are undecided are actually searching for these topics, and people generally click on the first link, and if you’re controlling that first link in that district, that’s what people are going to learn about.

I haven’t had time to read the entire transcript yet (it’s pretty long), but I’m going to try to digest it over a couple of sessions.

So after the preamble, which should give you a frame of reference to what I’m aiming to do in this mini-series of posts about improving my online privacy and security, this short post will talk about the first steps I’m taking to tighten everything up. As this is all at the very beginning of my learning journey, all of these might change in the future. If they do, I will update the post and add a comment below.

In this post I look at two of the fundamentals of privacy on the web: the web browser and search engine. I’m mainly looking at the desktop for now, rather than mobile, mainly because it’s simpler to focus on one thing while I wrap my head around this stuff!

A Change of Browser

I’ve been using Chrome for years, after it usurped Firefox as the “fast, alternative” browser for Windows. These days, Chrome has become seriously bloated – it’s routinely consuming multiple gigabytes of RAM on my desktop. It may be (usually) fast despite of that, but it slows the rest of the computer. What’s more, it’s so deeply wired into Google’s ecosystem that it’s arguably as much a data hoover for Google as it is a browser.

So I was in the market for a new browser to begin with, and I was looking into alternatives like Chromium or Opera. But once I started diving into things a bit more, pretty much every recommendation for privacy-minded software recommended good-old Firefox, so that’s what I’ve gone with. I followed the configuration guide at PrivacyTools.io, as well as:

  • Turn on Do Not Track
  • Set Firefox to never remember my browsing/download/search/form history
  • Never accept third-party cookies
  • Only keep cookies until I close the browser
  • Never remember logins for sites
  • Turned off Firefox Health Report, Telemetry, and Crash Reporter

Extensions

Most of the extensions I had installed in Chrome were privacy-minded anyway, so were equally applicable to Firefox. Some additions came recommended. At the moment I am using the following:

Mobile

The situation on mobile (in my case, iOS) is a bit less clear. For now I’m not using the Chrome iOS app, reverting to Safari with the addition of a content blocker.

Downsides

The biggest issue with the above setup is it removes a few conveniences: remembering pinned tabs between browser sessions; having to login to websites every time you visit; having to retrace your steps to find a page in the future, if you don’t bookmark it at the time… that sort of thing. I might do a little tuning on this, relaxing the settings a little, but overall I think this might be one of those things that I need to live with.

A Change of Search Engine

Apart from a brief flirtation with DuckDuckGo a few years back, I’ve always used Google as my search engine. It’s constantly been the most reliable, fastest, and all-round best at what it does.

Even so, I’ve never been 100% happy with the fact that Google collects just about every data point they can, that it’s all wrapped up in your Google account, linked to everything you do in their other services, and made available for advertisement targetting (amongst who knows how many other things). As someone who’s had a Gmail account since they were invite only, I know Google has a fucktonne of data on me already; the genie is well and truly out of the bottle in that regard.

That doesn’t mean I can’t stop giving them more data. Sure, they’ll get the odd bit here and there when I use YouTube, or the odd email that hits my old, pretty much unused Gmail account, but that’s really it – if I change my search engine to somewhere else.

The obvious thing to do would be to revert back to DuckDuckGo, as I already have experience of it, and it’s accurate enough… but I wanted to try something different for the moment, while I’m still in the learning phase of this little project.

I tried all the recommendations at PrivacyTools.io. Searx generally gave me terrible results, but is an interesting idea; Qwant gave me some decent web results, but the included News results were mostly irrelevant, and I couldn’t find a way to turn these off. StartPage had been recommended in other places too, and overall was the best performing of the bunch – possibly not surprising, as it’s effectively a proxy for Google search, so seems like a win-win in this case. For now, I’ve set it as the default search engine in Firefox.

Mobile

For searches on my iPhone, I’ve set the default search engine to DuckDuckGo, as it’s the best of those available.